Hey Todd,
Kinit uses the installed kerberos package - if your kerberos package
does not do TCP fallback in the AS_REQ, you'll never be able to get a
ticket when you see this error message - it's generated by the KDC,
which will refuse to issue a ticket roughly 1500 bytes (for MS KDCs).
Hi again,
You could either use an administrative account which is not a member of
so many groups (causing the packet too big error), or use a more
recent version of samba.
In any version = 3.0.22 the tcp fallback is not implemented during the
kpasswd request. The krb5.conf kdc line is not
What does kinit say, if you have the
e.g. kdc = tcp/192.168.1.1 line in your krb.conf?
I'm using the same (0.6.3) heimdal version that does not have a tcp
fallback. But could not get kinit to using UDP with this line in the
krb5.conf.
~ Martin
Nejc Škoberne schrieb:
Hi again,
You could
Hey Martin,
What does kinit say, if you have the
e.g. kdc = tcp/192.168.1.1 line in your krb.conf?
[EMAIL PROTECTED]:~# kinit [EMAIL PROTECTED]
[EMAIL PROTECTED]'s Password:
kinit: krb5_get_init_creds: Response too big for UDP, retry with TCP
krb5.conf:
[libdefaults]
default_realm =
Hello,
I am trying to join a Samba 3.0.24 server into an ADS domain, which is
served by two Windows 2003 servers (let's say srv1.domain.local (192.168.1.1)
and srv2.domain.local (192.168.1.4)). I am running Samba on a FreeBSD 6.2
machine and I have established an OpenVPN connection to the ADS
Hello!
You could either use an administrative account which is not a member of
so many groups (causing the packet too big error), or use a more
recent version of samba.
In any version = 3.0.22 the tcp fallback is not implemented during the
kpasswd request. The krb5.conf kdc line is not taken
Hey Martin,
thanks for your quick reply.
You could either use an administrative account which is not a member of
so many groups (causing the packet too big error), or use a more
recent version of samba.
I tried the first option first: created a new account, put it into
Administrators and